>>> Bartsch Axel <[EMAIL PROTECTED]> 08-Feb-01 7:32:55 PM
>>>
>While "friendly" servlets may want to share a
>session (to treat a client request by more than
>one servlet: e.g. by forwarding the request from
>one servlet to the other), this is a disaster for
>"hostile" servlets.
>Is this really true what I am saying?
No.
>What can be done?
You could read the archives or one of the many resources about
servlets. They explain how *this* session security problem has been
dealt with.
Nic
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
